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EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .31 2. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with attorney of record Edward Ramage reg. no. 50,810 on November 30, 201 1 . 

1 . The following claims listed below supersede all previously filed claims 

2. Claim 1 7. A method for identifying devices and controlling access to a service, 
comprising the steps of: 

collecting data related to software and hardware configurations from a device 
through a software agent installed on the device; 

generating a digital signature for the device by hashing the software and 
hardware configuration data, wherein the resulting hashes are used to generate the 
digital signature are changed with every attempt to access a service; 

sending the digital signature of the device to an authentication server, wherein 
the authentication server compares the digital signature sent with one or more 
previously-stored digital signatures; and 

determines whether the device has been excluded from accessing or enrolling in 
the service through the authentication server by determining whether the device is on a 
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list or in a group of devices not allowed to access the service, or is included within a 
group of devices allowed to access the service. 

3. Claim 18. The method of claim 17, wherein the digital signature sent to the 
authentication server is encrypted. 

4. Claim 19. (Cancelled). 

5. Claim 20. The method of claim 1 7, wherein the hashes used to generate the 
digital signature are changed with every attempt to access a service, wherein the 
hashes cannot be reversed. 

6. Claim 21 . The method of claim 1 7, wherein authenticating the digital signature is 
at least one of multiple is one of several stages of a framework of authorization and 
authentication processes governing access to the service by the device. 

7. Claim 22. (Cancelled). 

8. Claim 23. (Cancelled). 

9. Claim 24. The method of claim 17, wherein the authentication server allows a 
maximum number of enrollments for a particular device. 
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10. Claim 25. (Cancelled). 

1 1 . Claim 26. The method of claim 1 7, wherein the authentication server allows 
minor modifications to the software or hardware configurations of a previously-enrolled 
device so as to preserve access or denial of access for the device. 

1 2. Claim 27. The method of claim 26, wherein the previously- stored digital 
signature of the device is updated to reflect the modifications. 

13. Claim 28. The method of claim 17, wherein the authentication server logs all 
accesses or attempted accesses by a device to the service. 

14. Claim 29. The method of claim 17, wherein multiple devices can be registered for 
a single user with the authentication server to create a registration hierarchy. 

1 5. Claim 30. The method of claim 29, wherein a user can unregister a device only 
through the device itself, or another device within the registration hierarchy registered 
earlier than the device to be unregistered. 

1 6. Claim 31 . A method for identifying devices and controlling access to a service, 
comprising the steps of: 
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collecting data related to software and hardware configurations from the device 
through a software agent installed on the device; 

generating a digital signature for the device by hashing the software and 
hardware configuration data, wherein the resulting hashes used to generate the digital 
signature are changed with every attempt to access the service; 

sending the digital signature of the device to the authentication server; 

verifying with the authentication server through a comparison of the digital 
signature sent with one or more previously-stored digital signature to determine that the 
device is not on a list or in a group of devices not allowed to access the service, or is 
not a device with a maximum number of enrollments set to zero; and registering the 
device as authorized to access the service. 

1 7. Claim 32. The method of claim 31 , further comprising the step of verifying the 
identity of the device each time it subsequently attempts to access the service. 

18. Claim 33. (Cancelled). 

19. Claim 34. (Cancelled) 

20. Claim 35. A system for identifying devices and controlling access to a service, 
comprising: 
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a software agent installed on a device, adapted to collect data related to software 
and hardware configuration of the device; 

a digital signature for the device, generated by the software agent by hashing the 
software and hardware configuration data which is changed with every attempt to 
access the service; and 

an authentication server that determines whether the device can access the 
service based upon the digital signature of the device being compared with one or more 
previously-stored digital signatures; 

wherein the authentication server verifies that the device is not a list or in a group 
of devices not allowed to access the service, or is included within a group of devices 
allowed to access the service, or is not a device with a maximum number of enrollments 
set to zero. 

REASONS FOR ALLOWANCE 

1 . The Examiner notes applicant's amended independent clams 1 7 and 35 
limitations of: "generating a digital signature for the device by hashing the software and 
hardware configuration data, wherein the resulting hashes are used to generate the 
digital signature are changed with every attempt to access a service" and "wherein the 
authentication server compares the digital signature sent with one or more previously- 
stored digital signatures and determines whether the device has been excluded from 
accessing or enrolling in the service through the authentication server by determining 
whether the device is on a list or in a group of devices not allowed to access the 
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service, or is included within a group of devices allowed to access the service." are not 
disclosed by the cited prior art of Moshir (US Patent Publication 2004/0003266), Aissi et 
al. (US Patent Publication No. 2005/0149730) and Cravo De Almeida et al. (US Patent 
Publication No. 2003/0055931 ). With regards to applicant's independent claim 31 , the 
Examiner notes applicant's has amended the claim to include the limitation of 
"generating a digital signature for the device by hashing the software and hardware 
configuration data, wherein the resulting hashes used to generate the digital signature 
are changed with every attempt to access the service" and "verifying with the 
authentication server through a comparison of the digital signature sent with one or 
more previously-stored digital signature to determine that the device is not on a list or in 
a group of devices not allowed to access the service, or is not a device with a maximum 
number of enrollments set to zero". The Examiner notes that neither cited reference 
includes the above limitations. Dependents claims 1 8, 20, 21 , 26, 27, 28, 29, and 30 
depend on independent claim 1 7 and are therefore allowed. Dependent claim 32 
depends on independent claim 31 and is therefore allowed. 

2. The Examiner notes the teachings of prior art Salowey et al. (US Patent 
Publication No. 2006/0200856. The Salowey reference was as a result of a updated 
prior art and interference search. The Examiner notes that Salowey teaches obtaining a 
device configuration for the purpose of validating the device to the network however 
Salowey teachings do not disclose applicant's claim limits of: "generating a digital 
signature for the device by hashing the software and hardware configuration data, 
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wherein the resulting hashes are used to generate the digital signature are changed 
with every attempt to access a service" and "wherein the authentication server 
compares the digital signature sent with one or more previously-stored digital signatures 
and determines whether the device has been excluded from accessing or enrolling in 
the service through the authentication server by determining whether the device is on a 
list or in a group of devices not allowed to access the service, or is included within a 
group of devices allowed to access the service". 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

Accordingly, Claims 17, 18, 20, 21, 24, 26-32 and 35 are allowed. 

Interview Summary 

The Examiner contacted the applicant on November 30, 201 1 with purposed 
amendments that would place the application in condition for allowance. The Examiner 
notes that the applicant agreed to the purposed amendments. The Examiner notes that 
purposed amendments are captured above as part of an Examiner's Amendment. 
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Response to Amendment 

The Examiner notes applicant's remarks filed on 8/16/201 1 have been 
considered. 



Contact Information 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to BRYAN WRIGHT whose telephone number is (571 )270- 
3826. The examiner can normally be reached on 8:30 am - 5:30 pm Monday -Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Flynn Nathan can be reached on (571) 272-1915. The fax phone number 
for the organization where this application or proceeding is assigned is 571 -273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-91 99 (IN USA OR CANADA) or 571 -272-1 000. 



/BRYAN WRIGHT/ 
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